Digital entertainment business like online gaming has been on target of threat actors since ever. Recent attacks on Nintendo, Valve Corporation, and similar organizations have once again proved that some threat actor groups will always have an interest in targeting this sector now and beyond.
Recent data breach incidents
There are several cases when attackers attempted to hack into the servers or tricked the victims into giving out their game credentials.
In April 2020, Nintendo witnessed a hacking attempt on its system, resulting in a leak of login IDs and passwords of some 160,000 Nintendo Network ID accounts.
In the same month, the source code of the popular games ‘Counter-Strike: Global Offensive’ and ‘Team Fortress 2’, owned by Valve Corporation, was leaked online, leading to a possibility of exploitation of vulnerabilities or cyber-attacks on the players.
In April 2020, attackers were seen exploiting the beta version of a new video game “Valorant”. Attackers were offering a free game-key generator, which included a keylogger software, and which could steal the login credentials of the victims.
In December 2019, Zynga, the makers of popular games ‘Words With Friends’, admitted that more than 170 million usernames and passwords were stolen.
Beyond data breaches
The attacks on the gaming websites have not been limited to breach and theft of user data. There have been several other cyber incidents targeting the gaming industry.
In April 2020, EA Sport’s Origin platform was targeted by a series of deadly DDoS attacks, impacting gameplay and purchasing, and forcing the company’s servers to go offline globally.
In October 2019, the servers of Valve Corporation that are hosting Valve Source Engine and popular games like Fortnite were targeted by a new variant of the Gafgyt botnet.
Staying protected
To prevent online gaming account credentials, use strong and unique passwords, and avoid using the same passwords across multiple websites. Also if possible, use multi-factor authentication verification to login into gaming accounts. Do not use the primary credit/debit card for making in-game purchases, and put some restrictions on the purchase limits for the cards used for making in-game purchases.